Novell ZENworks Configuration Management < 11.2.4 Multiple Vulnerabilities

critical Nessus Plugin ID 70726

Synopsis

The remote web server is running a configuration management application affected by multiple vulnerabilities.

Description

The version of Novell ZENworks Configuration Management installed on the remote host can be tricked into disclosing any file readable by the Novell ZENworks umaninv service, and as such it is affected by multiple vulnerabilities :

- A directory traversal vulnerability exists that allows any file readable by the Novell ZENworks umaniv service to be disclosed. (CVE-2013-1084)

- An unspecified flaw in the ZENworks Control Center page that can result in an application exception with an unspecified impact. (CVE-2013-6345)

- An unspecified cross site request forgery flaw in the ZENworks Control Center page. (CVE-2013-6346)

- An unspecified cross frame scripting flaw in the ZENworks Control Center page. (CVE-2013-6344)

- An unspecified session fixation flaw in the ZENworks Control Center page. (CVE-2013-6347)

Solution

Update to Novell ZENworks 11.2.4 or later.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-13-258/

https://support.microfocus.com/kb/doc.php?id=7012760

https://support.microfocus.com/kb/doc.php?id=7012027

Plugin Details

Severity: Critical

ID: 70726

File Name: novell_zenworks_configuration_management_directory_traversal.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 11/1/2013

Updated: 6/5/2024

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:zenworks_configuration_management

Required KB Items: www/zenworks_control_center

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 10/28/2013

Vulnerability Publication Date: 10/29/2013

Reference Information

CVE: CVE-2013-1084, CVE-2013-6344, CVE-2013-6345, CVE-2013-6346, CVE-2013-6347

BID: 63433, 63495, 63497, 63498, 63499